Member

You need to configure the Group Policy for salespeople.
SOlution: You create one Group Policy Object (GPO) that uses applocker and link the GPO to the root of the domain. You modify GPO security filtering to allow only the sales department computers to read and apply the GPO. You also create a WMI filter that applies only to laptop computers and associate the filter with the GPO.

Member

Your network contains two server named DHCP1 and DHCP2 that run Windows Server 2012 and have the DHCP Server server role installed. You need to design a highly available DHCP deployment to meet the following requirements.

Member

the question is like : a company has cloud based service and have 20 customers, each customer has a A/D hosted by this company, you need to setup radius for them, how many radius servers/radius proxy servers and VPN servers you need to set up.

Member

Dear visitor, you need to Register or Login to view links on Certify Chat.

I got 1 NEW question today, but can't remember the answers,

the question is like : a company has cloud based service and have 20 customers, each customer has a A/D hosted by this company, you need to setup radius for them, how many radius servers/radius proxy servers and VPN servers you need to set up.

Member

Member

Dear visitor, you need to Register or Login to view links on Certify Chat.

Your network contains two server named DHCP1 and DHCP2 that run Windows Server 2012 and have the DHCP Server server role installed. You need to design a highly available DHCP deployment to meet the following requirements.

Member

Dear visitor, you need to Register or Login to view links on Certify Chat.

A is less admin effort, B sounds best
C and D don't exist for ipv6
take your pick, i dont even think microsoft has an answer for this one

Click to expand...

It is A

Dear visitor, you need to Register or Login to view links on Certify Chat.

...DHCP failover in Windows Server 2012 provides support for a maximum of two DHCP servers, and the failover relationship is limited to IPv4 scopes and subnets. Network nodes using Internet Protocol version 6 (IPv6) typically determine their own IPv6 address using stateless IP auto configuration. In this mode, the DHCP server delivers only the DHCP option configuration, and the server does not maintain any lease state information. A high availability deployment for stateless DHCPv6 is possible by simply setting up two servers with identical option configuration. Even in a stateful DHCPv6 deployment, the scopes do not run under high address utilization, which makes split scope a viable solution for high availability.

Member

Q 5
You are the administrator for a large company.You plan to implement servers in the environment that do not use local hard drives.
You need to recommend a supported storage solution.Which technology should you recommend?

Member

Was trying to understand this question and why answer was 4, 4, 2 but found a lot of different answers online. I did my own research and think that I found the reason, can anyone verify for me?

Your network contains an Active Directory forest named northwindtraders.com.
The client computers in the finance department run either Windows 8.1, Windows 8, or Windows7.
All of the client computers in the marketing department run Windows 8.1.
You need to design a Network Access Protection (NAP) solution for northwindtraders.com that meets the following requirements:
- The client computers in the finance department that run Windows 7 must have a firewall enabled and the antivirus
software must be up-to- date.
- The finance computers that run Windows 8.1 or Windows 8 must have automatic updating enabled and the antivirus
software must be up-to- date.
- The client computers in the marketing department must have automatic updating enabled and the antivirus software must
be up-to-date.
- If a computer fails to meet its requirements, the computers must be provided access to a limited set of resources on
the network.
- If a computer meets its requirements, the computer must have full access to the network.
What is the minimum number of objects that you should create to meet the requirements? To answer, select the appropriate number for each object type in the
answer area.

//////My Answer//////

I was confused as well, I did some research and found the below, looks like 4, 4, 2 is correct to me - what do you guys think?

Member

After doing some other research online I believe the answer to this question is below, can anyone confirm?

You deploy a web application named WebApp1 to a server named WEB01.
WAP01 and WEB01 both run Microsoft Windows Server 2012 R2 and are members of the Active Directory Domain Services (AD DS) domain named
corp.contoso.com.
You have the following requirements:
WebApp1 must be available internally at URL

Dear visitor, you need to Register or Login to view links on Certify Chat.

by using Kerberos authentication.
WebApp1 must be available externally at URL

Dear visitor, you need to Register or Login to view links on Certify Chat.

My research:
SPN formatting does not include HTTPS, it only needs http service class defined:The HTTP service class The HTTP service class differs from the HTTP protocol. Both the HTTP protocol and the HTTPS protocol use the HTTP service class. The service class is the string that identifies the general class of service. Well-known service class names include "www" for a Web service and "ldap" for a directory service. Generally, the service class name can be any string that is unique to the service class. Be aware that the SPN syntax uses a forward slash character (/) to separate elements. Therefore, the forward slash character (/) cannot appear in a service class name.

Dear visitor, you need to Register or Login to view links on Certify Chat.

Further proven here:

Dear visitor, you need to Register or Login to view links on Certify Chat.

"A string that identifies the general class of service; for example, "SqlServer". There are well-known service class names, such as "www" for a Web service or "ldap" for a directory service. In general, this can be any string that is unique to the service class. Be aware that the SPN syntax uses a forward slash (/) to separate elements, so this character cannot appear in a service class name."

If you scroll down you'll see this example: "Examples of SPN registrations: HTTP/www.contoso.com â€“ Any page on the Web site on the default TCP port 80 for

Dear visitor, you need to Register or Login to view links on Certify Chat.

, that is

Dear visitor, you need to Register or Login to view links on Certify Chat.

."

Another forum source that states same thing:

Dear visitor, you need to Register or Login to view links on Certify Chat.

Member

You have a server named Server1 that runs Windows Server 2012.
Server1 has the DNS Server server role installed.
You need to recommend changes to the DNS infrastructure to protect the cache from cache poisoning attacks.
What should you configure on Server1?
A. DNS devolution
B. DNS Security Extensions (DNSSEC)
C. DNS cache locking
D. The global query block list

Member

QUESTION 52
Your network contains an Active Directory forest.
The forest contains a single domain.
The forest has five Active Directory sites.
Each site is associated to two subnets.
You add a site named Site6 that contains two domain controllers.
Site6 is associated to one subnet.
You need to verify whether replication to the domain controllers in Site6 completes successfully.
Which two possible commands can you use to achieve the goal? Each correct answer presents a complete solution.
A. Get-ADReplicationSubnet
B. Get-ADReplicationUpToDatenessVectorTable
C. repadmin /showattr
D. Get-ADReplicationSite1ink
E. repadmin /showrepl
Correct Answer: BE

Member

Dear visitor, you need to Register or Login to view links on Certify Chat.

You have a server named Server1 that runs Windows Server 2012.
Server1 has the DNS Server server role installed.
You need to recommend changes to the DNS infrastructure to protect the cache from cache poisoning attacks.
What should you configure on Server1?
A. DNS devolution
B. DNS Security Extensions (DNSSEC)
C. DNS cache locking
D. The global query block list

Member

A global query block list is used to reduce vulnerability associated with dynamic DNS updates.

But you need to protect the cache from cache poisoning attacks. Cache locking is a new feature available if your DNS server is running Windows Server 2008 R2 or higher. When you enable cache locking, the DNS server will not allow cached records to be overwritten for the duration of the time to live (TTL) value. Cache locking provides for enhanced security against cache poisoning attacks.

Dear visitor, you need to Register or Login to view links on Certify Chat.

About Us

Our community has been around for many years and pride ourselves on offering unbiased, critical discussion among people of all different backgrounds. We are working every day to make sure our community is one of the best.